Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 2 Aug 2010 21:19:28 +0000
From: Brandon Enright <bmenrigh@...d.edu>
To: john-users@...ts.openwall.com
Cc: solar@...nwall.com, bmenrigh@...d.edu
Subject: Re: contest results

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 2 Aug 2010 09:35:54 +0400
Solar Designer <solar@...nwall.com> wrote:

> Brandon - congrats to you and CrackHeads on what looks like your third
> place: http://contest.korelogic.com/stats.html
> 
> Apparently, we're 4th.


Alexander,

Thank you very much -- getting third is quite bittersweet -- I feel
guilty for not having John in my name since 95% of my cracks were from
John.  I'm also disappointed that a bit of fire-and-forget GPU cracking
of the NTLM hashes beat out both our team's hard work, adaptation, and
innovation.

The other member of my team to help with the cracking was a co-worker
of mine, Tom Maddock (t2maddock@...d.edu).

I am writing up my contest experience, strategy, thoughts, and
suggestions right now.  I should have the email done in a few hours.

> 
> On Fri, Jul 30, 2010 at 03:06:46AM +0000, Brandon Enright wrote:
> > ...  I am going to compete in the
> > contest and I'm not on the john-users team.  If I had known a month
> > ago there was interest I would have joined.  Now that I have
> > prepared for the contest I want to compete with my own team.
> 
> This is understandable, although you could have just asked whether
> there was interest a month ago. ;-)
> 
> > As I told SD, no matter what team wins, I have little doubt that it
> > will be a John-powered victory.
> 
> This is now doubtful.  The two winning teams, according to their
> names, relied on closed-source software, although I suspect that they
> were using John as well (and indeed John has indirectly contributed
> to what those closed-source programs have become).

Yes, this is quite sad.  I was sure that with all of the other hashes
besides NTLM in the competition that the GPU crackers would be very
limited.  With the volume of NTLM hashes though it seems all of our
effort to crack the other hashes went to little use.
 
> Brandon, Minga -

I am working on a writeup right now with more detail.
 
> I'd appreciate more info on what each team has been using/doing -
> hardware (and cost incurred, if any),

I used Amazon EC2 and spent $185.  We also used 1700 (of 2000) donated
CPU-hours on a large cluster with John + Magnum's MPI patch.

> software (free or previously acquired, I suppose?),

John (of course!), Matt Weir's "probabilistic cracker", some of my own
code (hacked up but releasable), and I'm ashamed to admit, some
oclHashcat.  We didn't use oclHashcat very effectively though.

> password cracking techniques, team management
> (e.g., what separate roles?), how many team members (and how many of
> them actually "active"), external contributions accepted (e.g., if
> another team shared their passwords) and how much help they were
> (e.g., 90% overlap with what the team already had), also info on
> stuff used by those external contributors if known.  I am willing to
> provide this info on our team.

I'll discuss this the above in my writeup.

> Also, I am curious about cumulative scores for multiple teams - e.g.,
> what if CrackHeads and john-users joined (which did not happen) -
> would we definitely be 2nd (hardly) or maybe not (which we can't know
> for sure from mere analysis of the results now, which Kore may
> perform, because if we acted as one team we'd actually crack more)?

Yeah you read my mind on this.  I would like to know too.  We can't
just sort -u our results because of the admin hashes but here are mine
anyways:

http://noh.ucsd.edu/~bmenrigh/crackheads.txt

> What would the cumulative score be for all submissions, by all teams?
> by the first two? by all except for the first two (if they all
> joined, would they surpass the winners or maybe-not)?

I would like to know this too.

> 
> Thanks,
> 
> Alexander

Thanks for your comments, my writeup will follow in a few hours.

Brandon


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)

iEYEARECAAYFAkxXNmgACgkQqaGPzAsl94IWjwCfXaDPFuM+bl53iVmQCL6HyvrM
BSsAoJgpTUHVVH/E2cXx3ZzqNyUDnJWA
=LDFO
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.